Configuring Peripheral Device Access

Peripheral devices cannot be encrypted and do not contain storage. These predefined actions define which peripheral devices can be used with an endpoint computer.

Action	Description
Allow connecting essential devices (keyboard, mouse, and network adapters)	Access to necessary peripheral devices for basic computer functionality is allowed. Other peripheral devices are blocked.
Block all transmitting devices (Modem, Bluetooth, IrDA, Wi-Fi)	Access to transmitting peripheral devices is blocked. Other peripheral devices are allowed.
Allow connecting all peripheral devices	Access to all devices that cannot be encrypted or do not contain storage is allowed.

You can also create and change your own custom actions.

Creating a Custom Action

To create a new custom action:

1. In the Media Encryption & Port Protection rule, right-click the Peripheral Device action and select Create Custom.
2. In the Peripheral Device Access window, enter a unique action name and, optionally, textual comments.
3. For each device in the list, change the Access Type as necessary (Allow or Block).
4. For each device in the list, change the Log settings as necessary:
   • Log - Create log entries when a peripheral device is connected to an endpoint computer (Action IDs 11 and 20)
   • None - Do not create log entries
5. Optional: Add new devices as necessary.

Changing an Existing Action

To change an existing action definition:

1. In the Media Encryption & Port Protection rule, right-click an action and select Edit Properties.
2. In the Peripheral Device Access window, click Edit Name & Description and change settings as necessary.
3. For each device in the list, change the Access Type as necessary (Allow or Block).
4. For each device in the list, change the Log settings as necessary:
   • Log - Create log entries when a peripheral device is connected to an endpoint computer (Action IDs 11 and 20)
   • None - Do not create log entries
5. Optional: Add new devices as necessary.